Copyright © 2003 DMTF. Overlap of Concepts between GGF DAIS Specs and the DMTF CIM Schema: CIM System/Devices, Application, User/Security and Database.

Presentation transcript:

Page 1: Overlap of Concepts between GGF DAIS Specs and the DMTF CIM Schema
CIM System/Devices, Application, User/Security and Database Models
October 8, 2003
Author: Andrea Westerinen, DMTF VP of Technology

Page 2: Agenda
GGF DAIS Scenarios and DMTF CIM
System/Devices Model for Storage and Files
Application Model for Deployment and Runtime
Database Model
User and Security Model
Next Steps

Page 3: Complementary WG Charters
GGF DAIS Charter:
  – “… Promote standards for the development of grid database services, focusing principally on providing consistent access to existing, autonomously managed databases”
DMTF CIM Database WG Charter:
  – “… Define the information model that characterizes the common properties and services performed by a database. This includes both the inventory (static database properties, parameter settings, resource limits, features available/used) and behavioral (event, state, rules, and methods) attributes.”

Page 4: DAIS Scenarios and CIM
Discovering a database
  – Instance of a CIM_DatabaseSystem (a subclass of CIM_ApplicationSystem) with supporting CIM_DatabaseServices
Provisioning a database system
  – Result of a “create database” -> An instance of CIM_CommonDatabase
  – Tables are not currently modeled but are a future activity of the Database WG

Page 5: DAIS Scenarios and CIM
Locating a suitable database system and defining the necessary tables
  – Locate database by checking associated CIM_CommonDatabaseStatistics
Starting up and shutting down a system
  – Use the RequestStateChange method on CIM_EnabledLogicalElement that is inherited by all systems and services

Page 6: But there is more ….

Page 7: Other DAIS Concepts in CIM
Product information in CIM_Product class
Software features in CIM_SoftwareFeature class
  – SoftwareFeatures related to Products
Capabilities as subclasses of the abstract CIM_Capabilities class
Concepts of state and status inherited from CIM_ManagedElement and CIM_EnabledLogicalElement

Page 8: Other DAIS Concepts in CIM
Concept of CIM_OrganizationalEntity (orgs, org units and user contacts) in the CIM User and Security Model
Also modeled, CIM_Credentials, CIM_Identity (i.e., a security principal) and RBAC (via CIM_Privilege, CIM_Role and policy)

Page 9: Agenda
DAIS Scenarios and CIM
System/Devices Model for Storage and Files
Application Model for Deployment and Runtime
Database Model
User and Security Model
Next Steps

Page 10: Storage Aspects Addressed by CIM
[Diagram. Layers: Application; File/record layer, containing Database (dbms) and File system (FS); Block layer, with Block aggregation at Host, Network and Device; Storage devices (disks, …). Services: Discovery, monitoring; Resource mgmt, configuration; Security, billing; Redundancy mgmt (backup, …); High availability (fail-over, …); Capacity planning.]

Page 11: Storage and File Concepts
CIM_StorageExtent is the high level class representing any storage
CIM_StorageVolume describes storage that is presented to an OS (for ex, by a hardware RAID cabinet), or to a File System (for ex, by a software volume manager)
StorageVolumes can be based on (assembled from) lower level StorageExtents

Page 12: Storage and File Concepts
CIM_FileSystem and CIM_LogicalFile define the base file system concepts
FileSystems reside on storage, as indicated by the CIM_ResidesOnExtent association
LogicalFiles are located in FileSystems and are of various types – Directory, Data, Device (describing devices accessed via a byte stream I/O model), FIFOPipe, or SymbolicLink
File sharing and import (across systems) also described

Page 13: Agenda
DAIS Scenarios and CIM
System/Devices Model for Storage and Files
Application Model for Deployment and Runtime
Database Model
User and Security Model
Next Steps

Page 14: Applications Model Overview
Sub-Models:
  – Application Lifecycle Model (Deployment)
  – Application Runtime Model
  – J2EE Application Server Model
  – Management and State
  – Metrics

Page 15: Application Model Overview
[Diagram. Labels as extracted: Software Feature; Application System; Core Model; Application Model; ProductSoftwareFeature; ApplicationSystemSoftwareFeature; SoftwareFeatureSoftwareElements; Software Element; Product; Service; Unit of Component Management; Unit of Acquisition; Unit of Deployment; Execution Service; Collect Features into Business System.]

Page 16: Breaking Down the Model: Runtime Sub-Models

Page 17: Mapping the Runtime into CIM
[Diagram. Node labels as extracted: SW Feature/SW Element Structure; Application System Sub-Model; Principal Management Object Class; Configuration Setting; External System; System, Service, Resource, SWF/SWE; Function; Application Service; Resource; UoW (Action); Data; Event; Indication; Performance metrics; Status; Errors; Metrics per individual action; Analysis; Overview, Monitoring; Statistics, Summary, Aggregations; Runtime Model; History; Metrics, Statistics; stores behavior of the past. Edge labels: interacts with, consists of, provides, performs, determines, dataflow, emits, applies, implements. Legend: Support Object Class; CIM Class Representing a Managed Object.]

Page 18: Modeling FCAPS Aspects of Applications
Fault
  – Indications
  – Error and status properties (counter, information)
  – Log-entries, traces, etc.
Performance
  – Base metrics (IO, timebound metrics, etc.)
  – UoW
  – Metric properties
  – Statistics
Configuration
  – Persistent configuration information: configuration, settings
  – Control: methods
  – Current configuration: object properties, support classes, associations

Page 19: Agenda
DAIS Scenarios and CIM
System/Devices Model for Storage and Files
Application Model for Deployment and Runtime
Database Model
User and Security Model
Next Steps

Page 20: Database Model Overview
[Diagram. Labels as extracted: Common Database; Services; Config Params; Database System; Database Users; DBA; Database Files; Database Files; Database Storage.]
3 Level Model for a database environment:
  - Database system software
  - Common database entity
  - Database services
    - Entities that perform tasks for the database, such as coordinating user access

Page 21: Current Database WG Activities
Work with the Application WG to refine application runtime to better address database environment
Database clustering
Extend concepts from other models to cover Database Users, Listeners, and other relevant database management entities
Define inter-model relationships needed to support capabilities such as provisioning and inventory management

Page 22: Agenda
DAIS Scenarios and CIM
System/Devices Model for Storage and Files
Application Model for Deployment and Runtime
Database Model
User and Security Model
Next Steps

Page 23: User/Security Model Overview

Page 24: CIM_Credential
Defines materials, information, or other data which is used to prove something, such as establishing identity
Types of Credentials:
  – Shared Secret
  – Kerberos Ticket
  – Public Key (Self-issued, CA)
  – Biometrics
  – …
Authentication “Service” validates Credential

Page 25: CIM_Identity
Represents a security principal
Entity “behind” an Identity can be user, organizational, services, systems, … (AssignedIdentity)
  – Entity may have multiple Identities
Within a given security context:
  – Identity has a level of trust (SecuritySensitivity)
  – Whether an Identity is currently authenticated must be established and removed (CurrentlyAuthenticated boolean) by the security infrastructure

Page 26: Identity (Continued)
Conditions which must be met in order for an Identity to be authenticated are defined using “policy”
  – Allow different alternatives/combinations of Credentials to establish Identity
  – For ex, birth certificate and driver’s licence OR passport
Identity object may not be authenticated, but instance valid for audit/accounting
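
An added example, not part of the original slides or of any DMTF code: the credential policy from pages 24 to 26 evaluated as alternatives of credential combinations, with only validated credentials counting and the Identity kept for audit whether or not it authenticates. The names Identity, ISSUED, POLICY, validate, authenticate and deauthenticate are hypothetical, and the credential values are constructed samples.

```python
import hmac
from dataclasses import dataclass, field

# Constructed sample: credential material the authentication service has on file.
ISSUED = {"passport": b"P-0001", "birth_certificate": b"BC-77",
          "drivers_licence": b"DL-42"}

# Policy from the slide: (birth certificate AND driver's licence) OR passport.
# Each frozenset is one alternative; every type in it must be validated.
POLICY = [frozenset({"birth_certificate", "drivers_licence"}),
          frozenset({"passport"})]

@dataclass
class Identity:
    name: str
    currently_authenticated: bool = False       # mirrors CurrentlyAuthenticated
    audit: list = field(default_factory=list)   # kept even when unauthenticated

def validate(cred_type, material):
    """Stand-in for the authentication service validating one credential."""
    expected = ISSUED.get(cred_type)
    return expected is not None and hmac.compare_digest(expected, material)

def authenticate(identity, presented, policy=POLICY):
    """Set the flag only if the validated credentials satisfy one alternative."""
    valid = {t for t, m in presented.items() if validate(t, m)}
    identity.currently_authenticated = any(alt <= valid for alt in policy)
    identity.audit.append((sorted(presented), identity.currently_authenticated))
    return identity.currently_authenticated

def deauthenticate(identity):
    """The security infrastructure removes the authenticated state."""
    identity.currently_authenticated = False
    identity.audit.append(("deauthenticate", False))
```

A forged credential inside an otherwise complete combination leaves that alternative unsatisfied, and the failed attempt still lands in the audit trail.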

Page 27: CIM_Privilege and CIM_Role
Privilege:
  – Types of activities which are granted or denied (PrivilegeGranted boolean)
  – “General” activities – Create, Delete, Detect, Read, Write, Execute
  – Any Privileges not specifically granted MUST be denied
  – An explicit deny takes precedence over any granted Privileges
Role:
  – Collection of privileges and/or other roles
  – Allowing definition of role hierarchies
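
An added example, not part of the original slides or of the CIM schema itself: an access decision that follows the three rules on this page (default deny, explicit deny over any grant, roles nesting other roles). The classes are simplified stand-ins for CIM_Privilege and CIM_Role; the target field, the function names and the sample roles for "db1" are assumptions made for illustration.

```python
from dataclasses import dataclass, field

ACTIVITIES = {"Create", "Delete", "Detect", "Read", "Write", "Execute"}

@dataclass(frozen=True)
class Privilege:
    activity: str      # one of the "general" activities listed on the slide
    target: str        # assumption: name of the managed element it applies to
    granted: bool      # mirrors the PrivilegeGranted boolean

@dataclass
class Role:
    name: str
    privileges: list = field(default_factory=list)
    member_roles: list = field(default_factory=list)   # roles nested in this one

def effective_privileges(role, seen=None):
    """Flatten a role hierarchy; `seen` stops cyclic nesting from looping."""
    seen = set() if seen is None else seen
    if role.name in seen:
        return []
    seen.add(role.name)
    found = list(role.privileges)
    for child in role.member_roles:
        found.extend(effective_privileges(child, seen))
    return found

def is_allowed(roles, activity, target):
    """Decide one request for a principal holding `roles`."""
    if activity not in ACTIVITIES:
        raise ValueError(f"unknown activity: {activity}")
    matching = [p for r in roles for p in effective_privileges(r)
                if p.activity == activity and p.target == target]
    if any(not p.granted for p in matching):
        return False                            # explicit deny takes precedence
    return any(p.granted for p in matching)     # nothing granted means denied

# Constructed sample roles for a hypothetical database "db1".
reader = Role("reader", [Privilege("Read", "db1", True)])
operator = Role("operator", [Privilege("Execute", "db1", True)], [reader])
quarantine = Role("quarantine", [Privilege("Read", "db1", False)])
```

Holding operator alone allows Read through the nested reader role; adding quarantine denies Read while leaving Execute allowed.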

Page 28: Agenda
DAIS Scenarios and CIM
System/Devices Model for Storage and Files
Application Model for Deployment and Runtime
Database Model
Next Steps

Page 29: Next Steps
Define mapping of DAIS concepts to CIM
Where specific mappings exist, reuse the CIM classes
Where mappings do not exist, extend the models
  – Model development is on-going and driven by the needs of DMTF members and partners